Debian Bug report logs -
#931031
expat: CVE-2018-20843
Package:
src:expat;
Maintainer for src:expat is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 24 Jun 2019 20:54:02 UTC
Severity: important
Tags: security, upstream
Found in version expat/226-1
Fixed ...
Expat could be made to consume a high amount of RAM and CPU resources
if it received a specially crafted XML file ...
It was discovered that Expat, an XML parsing C library, did not properly
handle XML input including XML names that contain a large number of
colons, potentially resulting in denial of service.
For the stable distribution (stretch), this problem has been fixed in
version 220-2+deb9u2.
We recommend that you upgrade your expat packages.
For the det ...
It was discovered that the "setElementTypePrefix()" function incorrectly extracted XML namespace prefixes. By tricking an application into processing a specially crafted XML file, an attacker could cause unusually high consumption of memory resources and possibly lead to a denial of service (CVE-2018-20843).
In libexpat before 228, crafted XML in ...
Synopsis
Moderate: expat security update
Type/Severity
Security Advisory: Moderate
Topic
An update for expat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which ...
Synopsis
Moderate: expat security update
Type/Severity
Security Advisory: Moderate
Topic
An update for expat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which ...
Synopsis
Moderate: mingw-expat security update
Type/Severity
Security Advisory: Moderate
Topic
An update for mingw-expat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base s ...
Synopsis
Low: OpenShift Container Platform 4340 security and bug fix update
Type/Severity
Security Advisory: Low
Topic
An update is now available for Red Hat OpenShift Container Platform 43. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring S ...
Synopsis
Moderate: security update - Red Hat Ansible Tower 36 runner release (CVE-2019-18874)
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Ansible Tower 36 runner release (CVE-2019-18874)
Description
Updated python-psutil version to 566 inside ansible-runner container (CVE-20 ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2437 SP3 security update
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Core Services Pack Apache Server 2437 Service Pack 3 zip release for RHEL 6, RHEL 7 and Microsoft Windows is available. Red Hat Product Security has r ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2437 SP3 security update
Type/Severity
Security Advisory: Important
Topic
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2437 and fix several bugs, and add various enhancements are now available for Red Hat ...
Synopsis
Moderate: Release of OpenShift Serverless 1110
Type/Severity
Security Advisory: Moderate
Topic
Release of OpenShift Serverless 1110
Description
Red Hat OpenShift Serverless 1110 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShif ...
Synopsis
Moderate: OpenShift Container Platform 46 compliance-operator security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for compliance-content-container, ose-compliance-openscap-container, ose-compliance-operator-container, and ose-compliance-operator-metadata-container ...
Synopsis
Moderate: Release of OpenShift Serverless 1120
Type/Severity
Security Advisory: Moderate
Topic
Release of OpenShift Serverless 1120. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detaile ...
Synopsis
Moderate: Red Hat Quay v333 bug fix and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Quay v333 is now available with bug fixes and security updates. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring S ...
Synopsis
Moderate: OpenShift Container Platform 4103 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4103 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of ...
Synopsis
Moderate: Red Hat OpenShift Container Storage 460 security, bug fix, enhancement update
Type/Severity
Security Advisory: Moderate
Topic
Updated images are now available for Red Hat OpenShift Container Storage 460 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as ha ...
Synopsis
Moderate: security update - Red Hat Ansible Tower 37 runner release (CVE-2019-18874)
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Ansible Tower 37 runner release (CVE-2019-18874)
Description
Updated python-psutil version to 566 inside ansible-runner container (CVE-2 ...
Nessus versions 8140 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host.
Additionally, two third-party components (expat, sqlite) were found to contain vulnerabilities, and updated versions ...